WHO WE ARE
We are AstraZeneca UK Ltd whose registered office is 1 Francis Crick Avenue, Cambridge Biomedical Campus, Cambridge, CB2 0AA. (We call ourselves “AstraZeneca”, “We”, “Us”, “Our”) and We are the recipient of any information you may send us by filling in our website form and submitting your report.
We may change this Privacy Notice from time to time. Therefore, We ask you to check this Privacy Notice occasionally to ensure that you are aware of the most recent version which will apply to your personal data. We will of course notify you of any changes where We are required to do so.
Despite the possibility to submit an adverse event report on your own, if you are a young person under 16 years old, We strongly encourage you if possible to discuss your symptoms and the side effect/s from our medicinal products you have experienced or suspected with your parent/legal guardian or your doctor, who can file a report on your behalf. We ask you to do so because sometimes the information that an adult (especially a doctor) could provide may contain useful conclusions and arguments which you as a young person may not understand correctly or may misinterpret. Furthermore, submitting a report on your own would mean that you will reveal information about yourself (personal data) and some of this information may be very special or sensitive, because it is about your health. We appreciate the possibility to get firsthand information by Our young patients, but We are very concerned about your personal data and we want you to keep it safe. With this Privacy Notice We want to explain you what personal data We may collect about you and what We may do with it, if you choose to file a report on your own.
WHAT INFORMATION DO WE COLLECT?
As part of completing Our online report form We may collect the following personal data about you:
- Your Name
- Your address, phone number, email address
- Your birthday
- Whether you are a boy or a girl
- Your description of how Our medicine which you were taking made you feel, We called them the side effect(s) you experienced, when you started to and for how long you were experiencing them
- Your description of the AstraZeneca medicine (its name, colour, form, other details) you were taking, why were you taking it, how much of the medicine and how often were you taking it, when did you start and for how long were you taking the medicine
- Any other information you choose to share with us
Therefore, some of the descriptions you will provide in relation to your report may contain information about your health and this information is called special or sensitive personal data about you.
HOW DO WE USE YOUR DATA?
We need the information you give Us because We must follow a special law. This law is in place to ensure that Our medicines are of good quality and are safe for people to use. As part of this law we must report any side effects that may be connected to the use of Our medicines. As part of you giving us this information, We may also contact you if we need more information about your report, or to give you feedback if you requested such. Therefore, if you do not provide us your personal data, We may not be able to track the adverse event you reported or provide you feedback.
In some cases, We may use the information you gave us to help protect Our rights (legitimate interests) related to Our medicines if we need to defend them in a court case.
HOW DO WE KEEP YOUR DATA
We may not keep your data forever. So AstraZeneca stores your personal data as permitted by local laws and also in accordance with Our rules for keeping data, which We describe here: www.astrazenecapersonaldataretention.com We will only keep your data for as long as it is necessary for Us to fulfill Our legal obligations, or to defend Our legal claims. When your personal data is no longer necessary for these purposes, it will be securely deleted. This may mean that your personal data is stored by AstraZeneca for a number of years, depending on the purpose and need for that data to be used by Us.
WHO MAY VIEW YOUR DATA?
For the reasons We explained in this Notice your personal data may be shared with local and/or foreign regulatory bodies and other companies in the AstraZeneca group. We may also share your personal data with certain other persons like consultants to verify if we do well with our obligations; or with authorities, lawyers or other persons who We need to share your data with to meet legal requirements or in case of a (court) claim; or with the buyer of AstraZeneca if We sell or set up a collaboration for all or part of Our business.
However, when your data is held by AstraZeneca, personal data which identifies you as a patient will only be viewable by AstraZeneca’s patient safety team which is in the country where you live and a small number of technical professionals who provide global support on the computer system where AstraZeneca keeps the personal data. AstraZeneca will remove any patient identifiers (e.g. your name or address) prior to using or sharing the data beyond the local safety team or system administrators, i.e. We still may share some of your data but the other person would not know that this data is related to you. Information which is important for the medical assessment of the report, such as age and gender, may be disclosed to government or state bodies in order to comply with Our legal obligations.
AstraZeneca entities and the other persons We may share your data with may be based anywhere in the world, which could include countries that may not offer the same legal protections for personal data as in your country. AstraZeneca will follow local data protection requirements and its internal global privacy standard when We transfer your data. AstraZeneca will also apply the necessary protections required by the laws in your country when We transferring the data . When we transfer your data to another country , We would only share your personal data if the other person needs the data to do his job and under the controls described in AstraZeneca’s Binding Corporate Rules (which you can find here) or EU Standard Contract Clauses). You may have the right to receive a copy of AstraZeneca’s Binding Corporate Rules and/or the AstraZeneca’s EU Standard Contract Clauses upon request by contacting AstraZeneca on email@example.com.
HOW WE PROTECT YOUR DATA
We keep information about you on a computer. There are strict controls about who can see your data. We also have good privacy and security rules in place to ensure, as far as reasonably possible, the security and integrity of all Our information, including your personal data.
More information on how AstraZeneca complies with its data privacy obligations can be found in Our internal global privacy standard
YOU HAVE RIGHTS
You and/or your parent/legal guardian may contact AstraZeneca here:
www.astrazenecapersonaldataretention.com at any time to request
- access to your personal data,
- to correct any mistakes or to request deletion of such mistakes,
- to request that we restrict the use of your data
- to object to certain uses of your personal data.
If such a request makes AstraZeneca or its affiliates to break its/their obligations under the laws, regulations or codes of practice, then AstraZeneca may not be able to meet your request but you may still be able to request that We restrict the use of your personal data for further use.
A person at AstraZeneca is called Data Protection Officer and that person is responsible for overseeing AstraZeneca’s data protection obligations, and who you may contact at firstname.lastname@example.org in case of any questions regarding the use of your personal data. If AstraZeneca’s use of your personal data is covered by EU law (for example if you live in one of the countries in the European Union) you may also have the right to complaint with the Data Protection Supervisory Authority in the country where you live. You can find the relevant Supervisory Authority name and contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
Last updated March 2020